<!--
	o   Will allow users to reset their passwords by asking them security questions
-->

<h1>Password Recovery Page</h1>

<?php
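// Password recovery flow, driven by POST fields sent to ?page=password:
//   1. no 'save' flag or blank USERNAME -> show the username form
//   2. 'save' + USERNAME               -> look the user up and show two security questions
//   3. 'recover'                       -> verify the two answers, then show the password
//
// Every $_POST value is untrusted, so it is cast or escaped before it reaches SQL
// and HTML-encoded before it is echoed. The stored answers are compared on the
// server and are never sent to the browser.
//
// NOTE(review): step 3 echoes the PASSWORD column back to the user, which only
// works if passwords are stored in a recoverable form. The durable fix is to
// store password_hash() output and replace this step with a reset flow. A disabled
// "enter new password" form and 'reset' handler used to sit in this block as
// commented-out code; if that flow is revived it should hash the new password,
// escape or bind every value, and take USRID from server-side state.
// NOTE(review): nothing in this block limits repeated answer attempts; throttling
// needs state that is not visible from this file.
if (isset($_POST['recover']))
{
	// USRID was concatenated unquoted into the original queries, so it is treated as an integer key.
	$USRID = (isset($_POST['USRID']) && is_scalar($_POST['USRID'])) ? (int) $_POST['USRID'] : 0;
	// Only plain strings are accepted, so a non-string value can never satisfy the comparison below.
	$ANSWER1 = (isset($_POST['ANSWER1']) && is_string($_POST['ANSWER1'])) ? $_POST['ANSWER1'] : '';
	$ANSWER2 = (isset($_POST['ANSWER2']) && is_string($_POST['ANSWER2'])) ? $_POST['ANSWER2'] : '';
	$verified = false;

	if ($USRID > 0 && $ANSWER1 !== '' && $ANSWER2 !== '')
	{
		include('connect.php');
		// Same join and ordering as the question form, so answer N lines up with question N.
		$query = "SELECT * FROM `USERS_SECURITY`,`SECURITY` WHERE USERS_SECURITY.SECID=SECURITY.SECID AND USRID=" . $USRID . " ORDER BY USERS_SECURITY.SECID;";
		$result = mysql_query($query);
		if ($result && mysql_num_rows($result) >= 2)
		{
			// The expected answers come from the database, not from the request.
			$verified = ($ANSWER1 === (string) mysql_result($result, 0, 'ANSWER'))
				&& ($ANSWER2 === (string) mysql_result($result, 1, 'ANSWER'));
		}
	}

	if ($verified)
	{
		$query = "SELECT `PASSWORD` FROM `USERS` WHERE USRID=" . $USRID . ";";
		$result = mysql_query($query);
		if ($result && mysql_num_rows($result) > 0)
		{
			echo "Your Password is: " . htmlspecialchars(mysql_result($result, 0), ENT_QUOTES, 'UTF-8');
		}
		else
		{
			echo "Answers do not match";
		}
	}
	else
	{
		echo "Answers do not match";
	}
}
elseif(!isset($_POST['save']) || !isset($_POST['USERNAME']) || gtpt('USERNAME') == 'NULL' )
{
	// Step 1: ask for the account name.
	echo <<<_END
	<form action="?page=password" method="post"> <pre>
	<table border=2 width=100>
		<tr><th>USERNAME</th><th><input type="text" name='USERNAME'/></th></tr>
		</table></pre>
		<input type="hidden" name="save" value="yes"/>
		<input type="submit" value="Recover"/>
	</form>
_END;
}
else
{
	// Step 2: resolve the username and present that user's security questions.
	include('connect.php');
	$USERNAME = is_string($_POST['USERNAME']) ? $_POST['USERNAME'] : '';
	// HTML-encode before echoing so the submitted name cannot inject markup.
	echo ("<h2>" . htmlspecialchars($USERNAME, ENT_QUOTES, 'UTF-8') . "</h2>");
	// Escape for the SQL string context; this relies on the connection opened by connect.php.
	$query = "SELECT `USRID` FROM `USERS` WHERE USERNAME='" . mysql_real_escape_string($USERNAME) . "';";
	$result = mysql_query($query);
	if (!$result)
	{
		// Keep driver error details in the server log rather than in the response.
		error_log("Password recovery lookup failed: " . mysql_error());
		die ("Database access failed");
	}

	$questions = false;
	$USRID = 0;
	if (mysql_num_rows($result) > 0)
	{
		$USRID = (int) mysql_result($result, 0);
		// ORDER BY keeps the question order stable between this form and the answer check.
		$query = "SELECT * FROM `USERS_SECURITY`,`SECURITY` WHERE USERS_SECURITY.SECID=SECURITY.SECID AND USRID=" . $USRID . " ORDER BY USERS_SECURITY.SECID;";
		$questions = mysql_query($query);
	}

	if (!$questions || mysql_num_rows($questions) < 2)
	{
		// Unknown user, or fewer than two questions on file.
		echo "Password recovery is not available for this account";
	}
	else
	{
		$SQ1 = htmlspecialchars(mysql_result($questions, 0, 'QUESTION'), ENT_QUOTES, 'UTF-8');
		$SQ2 = htmlspecialchars(mysql_result($questions, 1, 'QUESTION'), ENT_QUOTES, 'UTF-8');
		// Only the questions and the numeric user id go to the browser; the stored
		// answers stay on the server and are re-read when the form is submitted.
		echo <<<_END
	<form action="?page=password" method="post"> <pre>
	<table border=2>
		<tr><th>$SQ1</th><th><input type="text" name="ANSWER1" value=""></th></tr>
		<tr><th>$SQ2</th><th><input type="text" name="ANSWER2" value=""></th></tr>
		</table></pre>
		<input type="hidden" name="USRID" value="$USRID"/>
		<input type="hidden" name="recover" value="yes"/>
		<input type="submit" value="Recover"/>
	</form>
_END;
	}
}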



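/**
 * Read a POST field and format it as a single-quoted literal, or the bare word NULL.
 *
 * The value is trimmed; a missing key, a non-string value, or a blank string
 * yields the string "NULL". Anything else is wrapped in single quotes.
 *
 * The returned text is NOT escaped: a quote inside the field passes through
 * unchanged, so it must not be concatenated into an SQL statement without
 * escaping or parameter binding at the call site.
 *
 * @param string $var Name of the POST field to read.
 * @return string "'value'" for a non-blank field, otherwise "NULL".
 */
function gtpt($var)
{
	// A missing key or a non-string value (e.g. an array from "name[]") counts as blank.
	if (!isset($_POST[$var]) || !is_string($_POST[$var]))
	{
		return "NULL";
	}

	$result = trim($_POST[$var]);
	if (strlen($result) > 0)
	{
		return "'" . $result . "'";
	}
	return "NULL";
}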
?>
